A chgrp ntp /run/samba/ntp_signd/ is only a temporary solution because the /run - directory gets recreated after a reboot.
I suggest moving the whole /run/samba directory to a non-volatile location like /var/lib/samba and setting the correct owner & group (root:ntp) for the ntp_signd directory is the simple way to go here.
As successful time synchronisation is a requisite for domain logons, this should be included immediately.
After a fresh reboot the permissions for /run/samba/ntp_signd/ are:
drwxr-x--- 3 root root /run/samba/ntp_signd
but should be:
drwxr-x--- 3 root ntp /run/samba/ntp_signd
more about that here: https://wiki.samba.org/index.php/Time_Synchronisation
A chgrp ntp /run/samba/ntp_signd/ is only a temporary solution because the /run - directory gets recreated after a reboot.
I suggest moving the whole /run/samba directory to a non-volatile location like /var/lib/samba and setting the correct owner & group (root:ntp) for the ntp_signd directory is the simple way to go here.
As successful time synchronisation is a requisite for domain logons, this should be included immediately.
Original threads:
https://ask.linuxmuster.net/t/systemzeit-unter-windows/8822 https://ask.linuxmuster.net/t/run-samba-ntp-signd-rechte-stimmen-nicht-und-verhindern-dadurch-client-zeitsynchronisation/9215